Anomaly detection of web-based attacks
Proceedings of the 10th ACM conference on Computer and communications security
Gene Expression Programming: Mathematical Modeling by an Artificial Intelligence (Studies in Computational Intelligence)
Some Issues on Intrusion Detection in Web Applications
ICAISC '08 Proceedings of the 9th international conference on Artificial Intelligence and Soft Computing
A learning-based approach to the detection of SQL attacks
DIMVA'05 Proceedings of the Second international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Evolving accurate and compact classification rules with gene expression programming
IEEE Transactions on Evolutionary Computation
| Hi-index | 0.00 |
In the paper we present two approaches based on application of neural networks and Gene Expression Programming (GEP) to detect SQL attacks. SQL attacks are those attacks that take the advantage of using SQL statements to be performed. The problem of detection of this class of attacks is transformed to time series prediction and classification problems. SQL queries are used as a source of events in a protected environment. To differentiate between normal SQL queries and those sent by an attacker, we divide SQL statements into tokens and pass them to our detection system based on recurrent neural network (RNN), which predicts the next token, taking into account previously seen tokens. In the learning phase tokens are passed to a recurrent neural network (RNN) trained by backpropagation through time (BPTT) algorithm. Then, two coefficients of the rule are evaluated. The rule is used to interpret RNN output. In the testing phase RNN with the rule is examined against attacks and legal data to find out how evaluated rule affects efficiency of detecting attacks. The efficiency of this method of detecting intruders is compared with the results obtained from GEP.